Open Source Host and Endpoint Security

ELK Stack

Visualize, analyze and search your host IDS alerts. ELK Stack is the combination of three popular Open Source projects for log management, known as Elasticsearch, Logstash and Kibana. Together they provide a real-time and user-friendly console for your OSSEC alerts.

OSSEC Wazuh integration with ELK Stack comes with out-of-the-box dashboards for PCI DSS compliance and CIS benchmarks. You can do forensic and historical analysis of OSSEC alerts and store your data for several years, in a reliable and scalable platform.

Wazuh Ruleset for OSSEC

We have modified the existing OSSEC ruleset to increase threat detection capabilities, add functionality and expand OSSEC scope. It includes, among many others, compliance mapping with PCI DSS v3.1, CIS security controls and additional decoders and rules.

The Wazuh Ruleset is curated through the effort of a dedicated team and the help of the community. We encourage OSSEC users to contribute and/or request new rules and decoders.

OSSEC RESTful API

This service controls the OSSEC Manager using REST requests. RESTful interaction lets you execute OSSEC commands easily from your application (or from a web browser). Manage your environment via the API, including agent remote management, and the ability to extract rootcheck or syscheck information across large deployments. In addition, it integrates OSSEC with external systems.

Installation is easy and the footprint is small: the API ships as a NodeJS Express package that implements HTTP authentication over SSL/TLS.